We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Permissions Issue: How to grant non-admins ability to create front and/ or back-end users

    • 38901
    • 4 Posts
    roooney Reply #1, 11 years, 7 months ago
    Hey folks,

    I've encountered a bit of problem with the permissions for non-admin level users. I basically want to grant them the ability to create new front and/ or back end users. In Evo speak I guess this would be the ability to create Web users and Manger Users respectively. I've gone through the permissions and created a special group/role that should be able to do this but in doing so I have not been able to figure out how to limit their access to the rest of the back-end. Currently these users will have access to the elements section etc. and they are essentially admins by another name.

    Any pointers would be appreciated

    Thanks [ed. note: roooney last edited this post 11 years, 7 months ago.]
    • sottwell Reply #2, 11 years, 7 months ago
      You'll need a custom Access Policy that only allows what you want. Then assign that ACL to the group in question. http://rtfm.modx.com/display/revolution20/Permissions
        Studying MODX in the desert - http://sottwell.com
        Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
        Join the Slack Community - http://modx.org
        • 3749
        • 24,544 Posts
        BobRay Reply #3, 11 years, 7 months ago
        You need to create a new Policy for them for use in the Context Access ACL entry for the 'mgr' context with any permissions you don't want them to have unchecked in the Policy.

        BTW, in Revolution, there are no 'web' and 'manager' users, there are just users. Context Access ACL entries for User Groups control what they can do and see in the 'web' and 'mgr' contexts.

        You might find this helpful: http://bobsguides.com/revolution-permissions.html

        You may find that the users need to have too much power to do what you want to have them do. Revolution is not very good about letting users manage a subset of other users. If so, you may have to create a custom snippet or a Custom Manager Page (CMP) that lets them create and manage users after logging in.


        ------------------------------------------------------------------------------------------
        PLEASE, PLEASE specify the version of MODX you are using.
        MODX info for everyone: http://bobsguides.com/modx.html

          Did I help you? Buy me a beer
          Get my Book: MODX:The Official Guide
          MODX info for everyone: http://bobsguides.com/modx.html
          My MODX Extras
          Bob's Guides is now hosted at A2 MODX Hosting
          • 38901
          • 4 Posts
          roooney Reply #4, 11 years, 7 months ago
          Thanks folks. I'll poke around the the ACL a little more.

          I hope that BobRay is not correct because that means having to get someone else with PHP experience to write such a snippet.

          Permissions in Revo are too complex, I think. Assuming I haven't missed the answer, I would have thought that my request would have been a fairly common set-up.